<?php
ob_start();
if(!isset($_SESSION)) 
	{ 
		session_start(); 
	}
include '../operations/connection.php';

if(!isset($_SESSION['user']))
{
	header( 'Location: login.php' );
}
else
{
	$username = $_SESSION['fullname'];
	$id_employee = $_SESSION['IDEmployee'];
}

$title = $_REQUEST['title'];
$content = $_REQUEST['ncontent'];
$content = str_replace("'","",$content);
$idmemo = $_REQUEST['idmemo'];

if(isset($_REQUEST['save'])){
	if(isset($_REQUEST['action'])){
		if($_REQUEST['action']=='edit'){
			$sql = "UPDATE list_memo SET Title ='$title' , Content ='$content' ,CreatedDate=NOW() WHERE IDMemo ='$idmemo'";
			mysql_query($sql);
		}else{
			$sql = "INSERT INTO list_memo(Title,Content,IDEmployee,CreatedDate,`Status`) VALUES('$title','$content','$id_employee',NOW(),1);";
			mysql_query($sql);
		}
	}
}

mysql_close($connection);


if(isset($_REQUEST['save'])){
	header("Location: ../privatememo.php");
}
ob_flush();

?>